In this dangerous world, rife with identity and data theft, you should use passwords that are as secure as possible. But how do you keep track of the gazillion passwords needed to access your various resources? Steve Schafer gives you the skinny on consumer options available for managing all those passwords.

Like this article? We recommend

Like this article? We recommend

I used the same password for years—for everything requiring a password.
Of course, back then I only had a few accounts requiring passwords—Windows
didn't require me to log in and the Web hadn't taken flight yet. Over
the years, the number of accounts grew but I continued to use the same
password.

A few accounts tried to change my errant ways by placing strict requirements
on the passwords I used, expiring passwords on a regular basis, and so on.
However, it took a bigger event to change my old habits, namely a compromised
server.

When one of my servers was compromised, it made me think about the amount of
data the hacker had access to. Because most of my passwords across the server
(and connected network) were identical, once inside, the hacker could have
accessed almost anything on the network. If the hacker could also ascertain
which web sites I frequented, my banking, credit card, and other financial
accounts might also be in jeopardy of being hacked. It would be even worse if I
misplaced my laptop, on which I do about 80 percent of my work and play. It was
time to change my ways.

The Dilemma

The security problem facing today's computer users is threefold:

Many local and online (Internet) resources require a password that complies
with the resource's self-imposed rules. (My online bank account, for
example, requires a password with at least "one upper-case letter, one
lower-case letter, one number, and one non-alphanumeric character.")

A lot of data is now stored on mobile devices, which tend to be targets for
thieves of all levels. Losing your laptop could compromise your employer's
data as well as your personal data.

The recent rise in computer and identity theft places even more emphasis on
using secure passwords: No more spouse names, pet names, or birthplaces!

In short, users should employ many unique passwords for each resource that
needs protection.